Tag Archives: Compliance

Are you managing data sanitization properly? Every time you retire a computer, laptop, tablet, smartphone, portable media, printer or other digital device, a strict protocol needs to be maintained for data sanitization. Data sanitization is the deliberate, permanent and irreversible destruction of data stored on… Continue reading

The end of 2 beloved and notorious operating systems, Microsoft Windows 7 & Server 2008 R2, is upon us. As of January 2020, Windows 7 and Windows Server 2008 will no longer be supported. Much like you may remember the end of life for Windows… Continue reading

Most any web user can tell you when they visit a website that uses HTTPS. They know this by the green lock in the browser or the HTTPS (vs. HTTP) in the address bar. This indicates that you can generally trust your connection to the site… Continue reading

Social engineering is a threat that faces organizations from small businesses to large enterprises. As we’ve explored multiple times on this site, there are few organizations that are truly prepared to address these types of threats. Social engineering attempts to coax, cajole, and manipulate others… Continue reading

What is GDPR? GDPR, or the General Data Protection Regulation, is new European Union data protection legislation outlining the various data protections for EU citizens' data. It replaces the 1995 EU Data Protection Directive and defines a variety of user or customer rights and responsibilities on… Continue reading

Technology is a powerful tool in assuring the confidentiality, availability and integrity of your critical data – but it is no failsafe. Even the best-of-breed technology deployed in a layered approach (defense in depth) will have flaws. The most well-meaning and resourced… Continue reading

Data breaches are no joke: they bring real risks and serious, quantifiable costs. A data breach is a security incident in which sensitive or confidential information is copied, transmitted or stolen by an unauthorized party. This data can be anything from credit card records, PHI… Continue reading

The HHS Office for Civil Rights (OCR) is gearing up for random audits of healthcare providers and partners. OCR is starting the 2nd phase of its ongoing audit program of CEs (Covered Entities) and BAs (Business Associates) in 2016. You may recall that HHS’ Office for… Continue reading

If you run a business that processes credit card payments, you know the difficulties of PCI compliance. Payment Card Industry Data Security Standard (PCI DSS) is a security standard that applies to any organization that accepts, processes or stores credit card data. The PCI Standard… Continue reading

Most health care providers and medical practices understand the basics of HIPAA compliance but often miss critical technical or operational details that leave them out of compliance. These technical details are far from inconsequential. Take the example of email. Many health care organizations (covered entities)… Continue reading